Microsoft is expanding its phishing protection features within Microsoft Teams, aiming to enhance security for all users by mid-February, according to a Bleeping Computer report. This new feature, enabled by default, will alert users when a potential phishing attack is detected.
Enhanced Security Measures in Microsoft Teams
The phishing attack alerts are primarily visible to users with external Teams access enabled. This feature facilitates communication between internal users and those outside the organization. Although the rollout commenced in mid-November, full implementation across all user accounts is expected by mid-February. Microsoft encourages users to become acquainted with the new high-risk Accept/Block screen.
The Microsoft Teams Communities features is now available for Microsoft 365 Personal and Family.
Upon receiving a potentially malicious message, users are prompted to preview and assess its legitimacy. Accepting the message triggers a secondary warning message, reiterating the potential risk before final acceptance. Administrators also gain access to an audit log, providing insights into detected phishing attacks utilizing this technique.
Managing External Access and Phishing Alerts
For users currently without the phishing alert feature and lacking the need for external communication, disabling the external access feature within the Microsoft Teams Admin Center is recommended. Conversely, if external communication is necessary, administrators can curate an allowed list of domains, mitigating the risk of exploitation.
Safeguarding Against Phishing Threats
The timeline for complete feature implementation remains uncertain. However, this enhanced security measure poses a significant challenge to threat actors, such as the Russian group documented for bombarding user inboxes with thousands of emails before impersonating IT support personnel.
Additional Security Features in Microsoft Teams
Microsoft Teams continues to prioritize user safety with additional features like Safe Links, which protects users from malicious URLs. The platform’s ongoing commitment to security enhancements promises a safer collaboration environment.
Conclusion
Microsoft’s proactive approach to phishing protection in Teams underscores its dedication to user security. The rollout of these enhanced features promises to significantly bolster defenses against phishing attacks, contributing to a more secure and trustworthy communication platform.
